search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
[Samba.git] / third_party / heimdal_build / wscript_configure
blob83c6e122e794a23e9e55eefa1b3d4b05c8dad9c8
1 #!/usr/bin/env python
2 # Waf build script for Samba 4's bundled Heimdal.
3
4 # Unless explicitly requested by the user (e.g.
5 # "./configure --bundled-libraries=!asn1_compile") this will always use the
6 # bundled Heimdal, even if a system heimdal was found. The reason
7 # for this is that our checks for the system heimdal are not accurate
8 # enough yet to know if it is usable (some bug fix might be missing,
9 # compile_et might not generate the expected code, etc).
10
11 from waflib import Logs
12
13 conf.CHECK_TYPE('u_char', 'uint8_t')
14 conf.CHECK_TYPE('u_int32_t', 'uint32_t')
15
16 conf.CHECK_HEADERS('err.h')
17
18 conf.CHECK_HEADERS('ifaddrs.h')
19 conf.CHECK_HEADERS('''crypt.h errno.h inttypes.h netdb.h signal.h sys/bswap.h
20 sys/file.h sys/stropts.h sys/timeb.h sys/times.h sys/uio.h sys/un.h
21 sys/utsname.h time.h timezone.h ttyname.h netinet/in.h
22 netinet/in6.h netinet6/in6.h''')
23
24 conf.CHECK_HEADERS('curses.h term.h termcap.h', together=True)
25
26 conf.CHECK_FUNCS('''atexit cgetent getprogname setprogname gethostname
27 putenv rcmd readv secure_getenv
28 sendmsg setitimer strlwr strncasecmp mkostemp
29 strptime strsep strsep_copy strtok_r strupr swab umask uname unsetenv
30 closefrom err warn errx warnx flock writev''')
31
32 conf.CHECK_FUNCS_IN('hstrerror', 'resolv socket nsl', checklibc=True)
33 conf.CHECK_FUNCS_IN('''getnameinfo sendmsg socket getipnodebyname gethostent gethostent_r
34 sethostent endhostent getipnodebyaddr freehostent gethostbyname
35 gethostbyname_r gethostbyaddr''',
36 'socket nsl',
37 checklibc=True)
38
39 conf.CHECK_FUNCS('iruserok')
40
41 conf.CHECK_FUNCS('bswap16')
42 conf.CHECK_FUNCS('bswap32')
43
44 conf.CHECK_TYPE('struct winsize', define='HAVE_STRUCT_WINSIZE', headers='sys/termios.h sys/ioctl.h')
45 conf.CHECK_STRUCTURE_MEMBER('struct winsize', 'ws_xpixel',
46 define='HAVE_WS_XPIXEL', headers='sys/termios.h sys/ioctl.h')
47 conf.CHECK_STRUCTURE_MEMBER('struct winsize', 'ws_ypixel',
48 define='HAVE_WS_YPIXEL', headers='sys/termios.h sys/ioctl.h')
49 conf.DEFINE('HAVE_KRB_STRUCT_WINSIZE', 1)
50 conf.DEFINE('VOID_RETSIGTYPE', 1)
51
52 conf.CHECK_VARIABLE('h_errno', headers='netdb.h')
53
54 # strangely enough, we need it with another define too
55 conf.CHECK_DECLS('h_errno', headers='netdb.h')
56
57 conf.CHECK_FUNCS_IN('res_search res_nsearch res_ndestroy dns_search dn_expand', 'resolv',
58 checklibc=True, headers='netinet/in.h arpa/nameser.h resolv.h dns.h')
59 conf.CHECK_VARIABLE('_res', headers='netinet/in.h arpa/nameser.h resolv.h')
60 conf.CHECK_DECLS('_res', headers='netinet/in.h arpa/nameser.h resolv.h')
61
62 conf.DEFINE('HAVE_KRB5',1)
63
64 conf.CHECK_FUNCS('dirfd', headers='dirent.h')
65 conf.CHECK_DECLS('dirfd', reverse=True, headers='dirent.h')
66 conf.CHECK_STRUCTURE_MEMBER('DIR', 'dd_fd', define='HAVE_DIR_DD_FD', headers='dirent.h')
67
68 if conf.env['WITH_KERNEL_KEYRING'] is not False:
69 require_keyutils = False
70 if conf.env['WITH_KERNEL_KEYRING'] is True:
71 require_keyutils = True
72 conf.CHECK_FUNCS_IN('add_key keyctl_get_persistent',
73 'keyutils', headers='keyutils.h',
74 mandatory=require_keyutils)
75 conf.CHECK_SIZEOF('key_serial_t', headers='keyutils.h',
76 critical=require_keyutils)
77
78 heimdal_no_error_flags = ['-Wno-error=cast-qual',
79 '-Wno-error=discarded-qualifiers',
80 '-Wno-error=old-style-definition',
81 '-Wno-error=unused-result',
82 '-Wno-error=unused-variable'
83 ]
84 for flag in heimdal_no_error_flags:
85 conf.ADD_NAMED_CFLAGS('HEIMDAL_NO_ERROR_CFLAGS',
86 flag,
87 testflags=True)
88
89 conf.ADD_NAMED_CFLAGS('HEIMDAL_UNPICKY_WNO_STRICT_OVERFLOW_CFLAGS',
90 '-Wno-strict-overflow',
91 testflags=True)
92
93 conf.ADD_NAMED_CFLAGS('HEIMDAL_UNPICKY_WNO_FREE_NOHEAP_OBJECT_CFLAGS',
94 '-Wno-error=free-nonheap-object',
95 testflags=True)
96
97 if len(bld.env.HEIMDAL_NO_ERROR_CFLAGS) == len(heimdal_no_error_flags):
98 Logs.info("Most warnings in Heimdal code will "
99 "error due to -Werror (good)")
100 else:
101 conf.env.allow_heimdal_warnings = True
102 # Needed on CentOS 7 and Ubuntu 16.04 only for Bison generated
103 # files when we are not doing strict warnings -> errors
104 conf.ADD_NAMED_CFLAGS('HEIMDAL_UNPICKY_WNO_MAYBE_UNINITIALIZED_CFLAGS',
105 '-Wno-error=maybe-uninitialized',
106 testflags=True)
107 Logs.info("Allowing warnings in Heimdal code as this compiler does "
108 "not support enough -Wno-error flags (bad)")
109
110 conf.DEFINE('SAMBA4_USES_HEIMDAL', 1)
111
112 # setup the right defines for a in-tree heimdal build
113 Logs.info("Using in-tree heimdal kerberos defines")
114 conf.define('HAVE_GSSAPI_GSSAPI_H', 1)
115 conf.define('HAVE_GSSAPI_GSSAPI_KRB5_H', 1)
116 conf.define('HAVE_AP_OPTS_USE_SUBKEY', 1)
117 conf.define('HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK', 1)
118 conf.define('HAVE_KRB5_SET_REAL_TIME', 1)
119 conf.define('HAVE_COM_ERR_H', 1)
120 conf.define('HAVE_ADDR_TYPE_IN_KRB5_ADDRESS', 1)
121 conf.define('HAVE_GSS_DISPLAY_STATUS', 1)
122 conf.define('HAVE_GSS_WRAP_IOV', 1)
123 conf.define('HAVE_GSS_KRB5_IMPORT_CRED', 1)
124 conf.define('HAVE_GSS_OID_EQUAL', 1)
125 conf.define('HAVE_GSS_INQUIRE_SEC_CONTEXT_BY_OID', 1)
126 conf.define('HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT', 1)
127 conf.define('HAVE_GSSKRB5_GET_SUBKEY', 1)
128 conf.define('HAVE_GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT', 1)
129 conf.define('HAVE_GSS_IMPORT_CRED', 1)
130 conf.define('HAVE_GSS_EXPORT_CRED', 1)
131 conf.define('HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X', 1)
132 conf.define('HAVE_GSSAPI', 1)
133 conf.define('HAVE_ADDR_TYPE_IN_KRB5_ADDRESS', 1)
134 conf.define('HAVE_CHECKSUM_IN_KRB5_CHECKSUM', 1)
135 conf.define('HAVE_DECL_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE', 0)
136 conf.define('HAVE_DECL_KRB5_GET_CREDENTIALS_FOR_USER', 0)
137 conf.define('HAVE_E_DATA_POINTER_IN_KRB5_ERROR', 1)
138 conf.define('HAVE_INITIALIZE_KRB5_ERROR_TABLE', 1)
139 conf.define('HAVE_KRB5_ADDRESSES', 1)
140 conf.define('HAVE_KRB5_AUTH_CON_SETKEY', 1)
141 conf.define('HAVE_KRB5_CC_GET_LIFETIME', 1)
142 conf.define('HAVE_KRB5_CC_COPY_CACHE', 1)
143 conf.define('HAVE_KRB5_CREATE_CHECKSUM', 1)
144 conf.define('HAVE_KRB5_CRYPTO', 1)
145 conf.define('HAVE_KRB5_CRYPTO_DESTROY', 1)
146 conf.define('HAVE_KRB5_CRYPTO_INIT', 1)
147 conf.define('HAVE_KRB5_C_VERIFY_CHECKSUM', 1)
148 conf.define('HAVE_KRB5_ENCTYPE_TO_STRING', 1)
149 conf.define('HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG', 1)
150 conf.define('HAVE_KRB5_FREE_ERROR_CONTENTS', 1)
151 conf.define('HAVE_KRB5_FREE_UNPARSED_NAME', 1)
152 conf.define('HAVE_KRB5_FREE_HOST_REALM', 1)
153 conf.define('HAVE_KRB5_FWD_TGT_CREDS', 1)
154 conf.define('HAVE_KRB5_GET_CREDS', 1)
155 conf.define('HAVE_KRB5_GET_CREDS_OPT_ALLOC', 1)
156 conf.define('HAVE_KRB5_GET_CREDS_OPT_SET_IMPERSONATE', 1)
157 conf.define('HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES', 1)
158 conf.define('HAVE_KRB5_GET_HOST_REALM', 1)
159 conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC', 1)
160 conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_FREE', 1)
161 conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_GET_ERROR', 1)
162 conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST', 1)
163 conf.define('HAVE_KRB5_GET_INIT_CREDS_KEYBLOCK', 1)
164 conf.define('HAVE_KRB5_GET_PW_SALT', 1)
165 conf.define('HAVE_KRB5_GET_RENEWED_CREDS', 1)
166 conf.define('HAVE_KRB5_KEYBLOCK_KEYVALUE', 1)
167 conf.define('HAVE_KRB5_KEYBLOCK_INIT', 1)
168 conf.define('HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK', 1)
169 conf.define('HAVE_KRB5_KRBHST_GET_ADDRINFO', 1)
170 conf.define('HAVE_KRB5_KRBHST_INIT', 1)
171 conf.define('HAVE_KRB5_KT_COMPARE', 1)
172 conf.define('HAVE_KRB5_KT_FREE_ENTRY', 1)
173 conf.define('HAVE_KRB5_KU_OTHER_CKSUM', 1)
174 conf.define('HAVE_KRB5_LOCATE_PLUGIN_H', 1)
175 conf.define('HAVE_KRB5_MK_REQ_EXTENDED', 1)
176 conf.define('HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM', 1)
177 conf.define('HAVE_KRB5_PRINCIPAL_GET_COMP_STRING', 1)
178 conf.define('HAVE_KRB5_PRINCIPAL_GET_REALM', 1)
179 conf.define('HAVE_KRB5_MAKE_PRINCIPAL', 1)
180 conf.define('HAVE_KRB5_REALM_TYPE', 1)
181 conf.define('HAVE_KRB5_SET_DEFAULT_IN_TKT_ETYPES', 1)
182 conf.define('HAVE_KRB5_SET_REAL_TIME', 1)
183 conf.define('HAVE_KRB5_STRING_TO_KEY', 1)
184 conf.define('HAVE_KRB5_STRING_TO_KEY_SALT', 1)
185 conf.define('HAVE_FREE_CHECKSUM', 1)
186 conf.define('HAVE_LIBKRB5', 1)
187 conf.define('KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT', 1)
188 conf.define('HAVE_ETYPE_IN_ENCRYPTEDDATA', 1)
189 conf.define('KRB5_PRINC_REALM_RETURNS_REALM', 1)
190 conf.define('HAVE_KRB5_PRINCIPAL_GET_REALM', 1)
191 conf.define('HAVE_KRB5_H', 1)
192 conf.define('HAVE_AP_OPTS_USE_SUBKEY', 1)
193 conf.define('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5', 1)
194 conf.define('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5_56', 1)
195 conf.define('HAVE_ENCTYPE_ARCFOUR_HMAC', 1)
196 conf.define('HAVE_KRB5_PDU_NONE_DECL', 1)
197 conf.define('HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96', 1)
198 conf.define('HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96', 1)
199 conf.define('HAVE_KRB5_PRINCIPAL_GET_NUM_COMP', 1)
200 conf.define('HAVE_GSSAPI_GSSAPI_SPNEGO_H', 1)
201 conf.define('HAVE_FLAGS_IN_KRB5_CREDS', 1)
202 conf.define('HAVE_KRB5_CONFIG_GET_BOOL_DEFAULT', 1)
203 conf.define('HAVE_KRB5_DATA_COPY', 1)
204 conf.define('HAVE_KRB5_PRINCIPAL_SET_REALM', 1)
205 conf.define('HAVE_KRB5_PRINCIPAL_SET_TYPE', 1)
206 conf.define('HAVE_KRB5_PRINCIPAL_GET_TYPE', 1)
207 conf.define('HAVE_KRB5_WARNX', 1)
208 conf.define('HAVE_KRB5_PROMPT_TYPE', 1)
209
210 if conf.CONFIG_SET('USING_EMBEDDED_HEIMDAL'):
211 conf.define('HAVE_KRB5_ADDLOG_FUNC_NEED_CONTEXT', 1)
212 conf.define('HAVE_KRB5_CONST_PAC', 1)
213 conf.define('KRB5_CONST_PAC_GET_BUFFER', 1)
214 conf.define('HAVE_KRB5_PAC_IS_TRUSTED', 1)
215 else:
216 pass # TODO
217
218 conf.CHECK_SIGN('time_t')
Samba GIT mirror